User's Guide

String Method Patterns

Using String Method Patterns, you can retain strings that would normally be removed by the string filters in your Rule Set. For example, by default a string whose first word starts with a special character such as @ is filtered out. If that string is passed to a method such as MessageBox(), however, it will most likely be displayed to the end user and should still be caught. Adding MessageBox to the String Method Patterns category of your Rule Set ensures the string remains in the Scan Results after a scan.

The Edit String Method Patterns list for a Java Rule Set is shown below.

The Inherited column lists the name of the Rule Set that defined the string method pattern. A value of 'No' indicates that the pattern is local to the Rule Set. Local patterns can be modified and/or deleted. Inherited patterns can be overridden.

To disable a local string method pattern, uncheck the box.

To create a new pattern, select the New String Method Pattern link at the top of the page. This displays the Create String Method Pattern form, shown below.

The form contains seven fields (eight if the language of the Rule Set is Java) that describe a pattern: Name, Pattern, Class or Variable Type(s) (Java only), Priority, Description, Category, Help Page, and Enabled.

Use the Name field to give your pattern a brief, meaningful name.

The Pattern field must contain a valid Regular Expression; it is matched against the name of the method that receives the string. For more information on Regular Expression syntax, see the Regular Expression reference.

The Class or Variable Type(s) field is currently available for Java Rule Sets only. This field is a comma-separated list of fully qualified Class or Variable Type(s). It allows you to associate Classes/Types with the method name so detection will only take place when the embedded string is passed to the method of a specified Class/Type. If left blank, then all strings passed to the method (regardless of Class/Type) will be detected.

The Priority field ranks the detected issue. Priorities range from 0 to 5. Assign priority 0 to indicate a string concatenation; otherwise assign 1 to 5, with 1 being the most likely to be an issue. Priority 0 is displayed as a 'C' in the Globalyzer Workbench.

Use the Description field to (1) give a more in-depth explanation of the pattern, (2) explain the reason for its inclusion in the scan, and/or (3) describe a process to correct the problem.

Use the Category field to assign a category; all patterns in a category can be enabled or disabled in bulk for a Rule Set.

The Help Page field is where you can provide a URL link for the pattern. This link may either help explain why this pattern is important, or it may explain how to correct the issue found.

The Enabled field determines whether the pattern is processed by Globalyzer (checked) or ignored by Globalyzer for now (unchecked).

Once you've provided the string method pattern information, click the Create button. The Edit String Method Patterns list redisplays, showing your changes.
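To show how these fields interact during a scan, here is an added example written for this page; it is not Globalyzer's own scanner and does not reproduce its implementation. It models a simplified built-in string filter (literals whose first word starts with a special character are dropped), a small constructed Java sample, and three assumed rule entries (names MessageBox, StringBuilder append and Logger debug, with their patterns, types and priorities chosen for illustration). A default priority of 3 for strings no filter removed is also an assumption. The script shows a filtered '@' string rescued by a pattern whose Class or Variable Type(s) matches the receiver, the same string left out when the receiver type does not match, a disabled pattern having no effect, and priority 0 rendered as 'C'.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


# One row of the Edit String Method Patterns list. Description, Category and
# Help Page are omitted because they do not influence matching.
@dataclass(frozen=True)
class StringMethodPattern:
    name: str
    pattern: str                  # regular expression matched against the method name
    class_types: Tuple[str, ...]  # fully qualified types; empty tuple = any type
    priority: int                 # 0 = string concatenation, 1 (most likely) .. 5
    enabled: bool = True          # unchecked patterns are ignored by the scan


@dataclass(frozen=True)
class Finding:
    line: int
    text: str
    priority: str        # '1'..'5', or 'C' for a priority-0 (concatenation) pattern
    rule: Optional[str]  # name of the string method pattern that matched, if any


# Assumed approximation of the built-in filter described above: a literal whose
# first word starts with a special character such as '@' is dropped.
SPECIAL_FIRST_WORD = re.compile(r'^\s*[^\w\s]')
DECL_RE = re.compile(r'^\s*([\w.]+)\s+(\w+)\s*=')         # "pkg.Type var = ..."
CALL_RE = re.compile(r'\b(\w+)\.(\w+)\s*\((.*)\)\s*;')    # "var.method(args);"
LITERAL_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')           # Java string literal
DEFAULT_PRIORITY = 3   # assumed priority for strings no filter removed

# Constructed Java sample; the declarations give the scanner the fully
# qualified type of each receiver variable.
SAMPLE_SOURCE = """\
javax.swing.JOptionPane pane = new javax.swing.JOptionPane();
com.example.Logger log = new com.example.Logger();
com.example.Popup popup = new com.example.Popup();
java.lang.StringBuilder sb = new java.lang.StringBuilder();
pane.showMessageDialog(null, "@user has signed in");
log.debug("@trace entering method");
popup.showMessageDialog("@not a Swing dialog");
pane.setToolTipText("Click to continue");
sb.append("Welcome back, ").append(user);
"""

# Assumed rule set entries (names, patterns and types chosen for this example).
RULES = [
    StringMethodPattern("MessageBox", r"MessageBox|showMessageDialog",
                        ("javax.swing.JOptionPane",), priority=1),
    StringMethodPattern("StringBuilder append", r"append",
                        ("java.lang.StringBuilder",), priority=0),
    StringMethodPattern("Logger debug", r"debug|trace",
                        ("com.example.Logger",), priority=5, enabled=False),
]


def priority_label(priority: int) -> str:
    """Priority 0 is shown as 'C' in the Workbench; others show their number."""
    return "C" if priority == 0 else str(priority)


def matching_rule(method: str, receiver_type: Optional[str],
                  rules: List[StringMethodPattern]) -> Optional[StringMethodPattern]:
    """First enabled rule whose Pattern matches the whole method name and whose
    Class or Variable Type(s) list, if non-empty, contains the receiver type."""
    for rule in rules:
        if not rule.enabled or re.fullmatch(rule.pattern, method) is None:
            continue
        if rule.class_types and receiver_type not in rule.class_types:
            continue
        return rule
    return None


def scan(source: str, rules: List[StringMethodPattern]) -> List[Finding]:
    """Report every literal that survives the filter or is rescued by a rule."""
    var_types: Dict[str, str] = {}
    findings: List[Finding] = []
    for number, line in enumerate(source.splitlines(), start=1):
        decl = DECL_RE.match(line)
        if decl:
            var_types[decl.group(2)] = decl.group(1)
        call = CALL_RE.search(line)
        for literal in LITERAL_RE.finditer(line):
            text = literal.group(1)
            rule = None
            if call:
                rule = matching_rule(call.group(2), var_types.get(call.group(1)), rules)
            if rule is None and SPECIAL_FIRST_WORD.match(text):
                continue  # filtered out and no string method pattern rescues it
            priority = rule.priority if rule else DEFAULT_PRIORITY
            findings.append(Finding(number, text, priority_label(priority),
                                    rule.name if rule else None))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_SOURCE, RULES):
        print(f"line {f.line:>2}  priority {f.priority}  {f.rule or '-':<22} \"{f.text}\"")
```

Running the script reports three strings: the '@user' string on line 5 (rescued by MessageBox at priority 1), "Click to continue" on line 8 (never filtered, default priority), and "Welcome back, " on line 9 (the priority-0 append rule, shown as 'C'). The '@' strings passed to the disabled Logger rule and to a receiver of the wrong type stay filtered, which is exactly the behaviour the Enabled checkbox and the Class or Variable Type(s) field control.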

If a string method pattern is local to the Rule Set, it can be modified and/or deleted. Click on its name hyperlink from the Edit String Method Patterns list. This displays the Edit String Method Pattern page, shown below. All fields are modifiable. Press Update to save any changes. Press Delete to delete the string method pattern. After updating or deleting, the Edit String Method Patterns list redisplays, showing your changes.

If a string method pattern is inherited, it can be overridden; for example, you may want to disable the inherited pattern in your Rule Set. Click on its name hyperlink from the Edit String Method Patterns list. This displays the Override String Method Pattern page, shown below. All fields are modifiable, but note that if you change the Pattern field, you will create an entirely new string method pattern rather than overriding the inherited one. Press Create to create the override string method pattern. After creating, the Edit String Method Patterns list redisplays, showing your local string method pattern.

To return to the Customize Rule Set page, select the Back to Summary link.
